Protecting secret keys with personal entropy
نویسندگان
چکیده
Conventional encryption technology often requires users to protect a secret key by selecting a password or passphrase. While a good passphrase will only be known to the user, it also has the flaw that it must be remembered exactly in order to recover the secret key. As time passes, the ability to remember the passphrase fades and the user may eventually lose access to the secret key. We propose a scheme whereby a user can protect a secret key using the “personal entropy” in his own life, by encrypting the passphrase using the answers to several personal questions. We designed the scheme so the user can forget answers to a subset of the questions and still recover the secret key, while an attacker must learn the answer to a large subset of the questions in order to recover the secret key.
منابع مشابه
Protecting Secret Keys with Blind Computation Service Based on Discrete Logarithm
Normally computer users use a passphrase or a password to encrypt secret values in computer systems. In this case, to prevent the brute–force attack, the password should be long enough and difficult to guess. But, such kind of passwords are also difficult for the human beings to remember. In this paper, we propose a method for protecting secret keys. A secret key means secret value like the pas...
متن کاملTracing Insider Attacks in the Context of Predicate Encryption Schemes
In a predicate encryption scheme an authority generates master public and secret keys, and uses the master secret key to derive personal secret keys for authorized users. Each user’s personal secret key SKf corresponds to a predicate f defining the access rights of that user, and each ciphertext is associated (by the sender) with an attribute. The security provided is that a ciphertext associat...
متن کاملFormally Assessing Cryptographic Entropy
Cryptography relies on the secrecy of keys. Measures of information, and thus secrecy, are called entropy. Previous work does not formally assess the cryptographically appropriate entropy of secret keys. This report defines several new forms of entropy appropriate for cryptographic situations. This report defines statistical inference methods appropriate for assessing cryptographic entropy.
متن کاملMobility Independent Secret Key Generation for Wearable Health-care Devices
Security in Wireless Body Area Networks (WBAN) is of major concern as the miniature personal health-care devices need to protect the sensitive health information transmitted in wireless medium. It is essential for these devices to generate the shared secret key used for data encryption periodically. Recent studies have exploited wireless channel characteristics, e.g., received signal strength i...
متن کاملGeneration of the Secret Encryption Key Using the Signature of the Embedded System
Program protection, programming code integrity and intellectual property protection are important problems in embedded systems. Security mechanisms for embedded systems have some specific restrictions related to limited resources, bandwidth requirements and security. In this paper we develop a secret encryption key generation algorithm by using the signature of the embedded system. We explore t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Future Generation Comp. Syst.
دوره 16 شماره
صفحات -
تاریخ انتشار 2000